Week 21 in Review – 2013

SOURCE Dublin Wrap-Up Day #1 – blog.rootshell.be
I flew on Wednesday evening to Dublin, Ireland to attend the SOURCE conference (previously, it was organised in Barcelona). The conference was held in the Trinity College, in the centre of the city.

SOURCE Dublin Wrap-Up Day #2 – blog.rootshell.be
This second day started with Vincenzo Iozzo's keynote. Vincenzo first gave some facts. From an economic point of view, the Internet will generate nice business in the coming years (2012: $60B, in 2016: $86B – according to Gartner).

Scanner identifies malware strains, could be future of AV – net-security.org
At the annual AusCert conference held this week in Australia, a doctorate candidate from Deakin University in Melbourne has presented the result of his research and work that just might be the solution to this problem.

NoSuchCon13 and crashing Windows with two instructions – j00ru.vexillium.org
The first edition of the NoSuchCon security conference held in Paris ended just a few days ago. Before anything else, I would like to thank all of the organizers (proudly listed at nosuchcon.org) for making the event such a blast!

Resources

Interview With A Blackhat

Interview With A Blackhat (Part 1) – blog.whitehatsec.com
Over the last few years, I have made myself available to be an ear for the ‘blackhat community.’ The blackhat community, often referred to as the internet underground, is a label describing those participating on the other side of the [cyber] law, who willingly break online terms of service and software licensing agreements, who may trade in warez, exploits, botnets, credit card numbers, social security numbers, stolen account credentials, and so on.

OWASP's 2013 Web Vulnerabilities List Will Shuffle the Top Ten – resources.infosecinstitute.com
The OWASP Top 10 list publicizes the most critical web application security flaws as determined by Open Web Application Security Project (OWASP), a nonprofit, vendor-independent IT security organization formed in 2001. In this article, we preview the 2013 edition of this popular security resource.

Reverse Engineering Obfuscated Assemblies – resources.infosecinstitute.com
In previous articles on .NET reverse engineering, we covered almost every aspect of reversing .NET assemblies: we explained how this kind of binary is compiled and executed, how we can compile it, decompile it and apply patches, as well as the concept of round-trip engineering and how to bypass strong name signatures.

Download Multiple Nessus Reports via the Nessus XML-RPC API – security.sunera.com
Several months back I began to look at various ways to automate some of the common tasks that are usually performed within the Nessus GUI. I was familiar with nessuscmd, and had leveraged that tool within some scripts, but it didn’t fit the bill for a lot of the administrative activity that I thought could be automated, or at least made more efficient.

MoVP II – 2.1 – RSA Private Keys and Certificates – volatility-labs.blogspot.com
Those of you who downloaded the Volatility Cheat Sheet v2.3 may have noticed a plugin named dumpcerts, which is a relatively new addition to the plugin scene for Windows. It's based on the work by Tobias Klein called Extracting RSA private keys and certificates from process memory.

zfasel/ZackAttack – github.com
ZackAttack! is a new Tool Set to do NTLM Authentication relaying unlike any other tool currently out there.

Dissecting Blackberry 10: An initial analysis – sec-consult.com
In 2013, Blackberry has presented a brand new operating system which significantly differs from others presented on the smartphone market. A very high security level is announced, and the expectations are corresponding. Some analysts consider this as the last chance for Blackberry “to get back in the big game” and stand alongside such giants as iOS and Android.

Techniques

Improving the security of your SSH private key files – martin.kleppmann.com
When you start reading about “crypto stuff”, you very quickly get buried in an avalanche of acronyms. I will briefly mention the acronyms as we go along; they don’t help you understand the concepts, but they are useful in case you want to Google for further details.

Re: exploitation ideas under memory pressure – seclists.org
The question is how to get PATHALLOC() to succeed under memory pressure so we can make this exploitable. My first thought was to have another thread manipulating the free pool, but I can’t figure out how to synchronize that. Getting code execution should be trivial after this.

Java Web Vulnerability Mitigation on Windows – tojoswalls.blogspot.com
The ubiquity of the Java browser plug-in has made it one of the largest attack surfaces on Windows clients for web-based attacks, particularly making it easy to perform undetectable drive-by download and “poisoning the well” attacks.

WordPress Under Attack – cylance.com
In the last few weeks, Internet hacking attacks have increased and thousands of sites have already been compromised. Many security observers have seen 1,000,000s of scans of their WordPress installation on a single day in April, as noted by the Sucuri Blog on April 11, 2013 – see http://blog.sucuri.net/2013/04/the-wordpress-brute-force-attack-timeline.html.

Power company targeted by 10,000 cyberattacks per month – arstechnica.com
A Congressional survey of utility companies has revealed that the country’s electric grid faces constant assault from hackers, with one power company reporting a whopping 10,000 attempted cyberattacks per month.

Climbing the InfoSec Career Ladder – bankinfosecurity.com
Breaking into the information security field – a male-dominated profession – is a challenge for women. Lisa Xu, CEO of NopSec, identifies the hurdles she’s had to overcome and offers strategies for women to grow in their careers.

DHS Workers’ PII Exposed for Nearly 4 Years – bankinfosecurity.com
A Department of Homeland Security system used to conduct background checks may have exposed personally identifiable information of employees and contractors for nearly four years.

About Us

Infosec Events is dedicated to the growing information security industry. We strive to provide useful information and resources to those in the industry. Don't hesitate to contact us should you need anything.